Use this
page to specify the name and the provider for
a collection certificate store. A collection certificate store is
a collection of non-root, certificate authority (CA) certificates
and certificate revocation lists (CRLs). This collection of CA certificates
and CRLs is used to check the signature of a digitally signed SOAP
message.
To view the
administrative console panel for the
collection certificate store on the cell level, complete the following
steps:
- Click .
- Under
Additional properties, click Collection certificate
store.
- Specify a new collection certificate store
by clicking New or
click the collection certificate store name to modify its settings.
To view the administrative console panel for the collection
certificate
store on the server level, complete the following steps:
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under
Additional properties, click Collection certificate
store.
- Specify a new collection certificate store
by clicking New or
by clicking the collection certificate store name to modify its settings.
To view this administrative console page for the collection
certificate
store on the application level, complete the following steps:
- Click .
- Under Modules, click .
- Under Web Services Security Properties, you can access collection
certificate stores for the following bindings:
- For the Request
generator, click Web services: Client
security bindings. Under Request generator (sender) binding,
click .
- For the Request
consumer, click Web services: Server
security bindings. Under Request consumer (receiver) binding,
click .
- For the Response
generator, click Web services: Server
security bindings. Under Response generator (sender) binding,
click .
- For the Response
consumer, click Web services: Client
security bindings. Under Response consumer (receiver)
binding, click .
- Under Additional properties, you can access collection
certificate stores for the following bindings:
- For the Request
receiver binding click .
- For the Response receiver binding, click .
- Specify a new collection certificate store by clicking New or
by clicking the collection certificate store name to modify its settings.
After configuring a collection certificate store, you
can select
the new configuration under Certificate store on the token generator
and token consumer panels. To access these panels, complete the following
steps:
- Click .
- Under
JAX-RPC Default Generator Bindings, click Token
generators or under JAX-RPC Default Consumer Bindings,
click Token consumers.
- Click New to
create a new token generator or token consumer,
or click the name of an existing configuration to make modifications.
After you configure your collection certificate store
on this panel,
you must click
Apply before configuring either
the certificate revocation list or an X.509 certificate. After you
configure your certificate revocation list or X.509 certificate, complete
the following steps:
- Click Save, at
the top of the administrative
console panel, which returns you to the list of the configured collection
certificate stores.
- Click Update runtime to
update the Web
Services Security run time with the default binding information, which
is found in the ws-security.xml file.
Specifies
the name for the certificate store.
The name
of the collection certificate store must be unique in
the scope. For example, the name must be unique at the server level.
The name specified in Certificate store name field
is used by other configurations to refer to a pre-defined collection
certificate store. For example, the application binding refers to
a collection certificate store that is defined on the server level.
The application server looks up the collection certificate store based
on proximity. For example, if cert1 is defined as the name
of the certificate store on the cell and server levels and cert1 is
referenced in the application binding, the application server uses
the server-level collection certificate store.
Specifies the provider for the certificate store implementation.
This product supports the IBMCertPath certificate path provider.
If you need to use another certificate path provider, define the provider
implementation in the provider list within the java.security file
in the Software Development Kit (SDK).
Data type |
String |
Default |
IBMCertPath |